<?php
/*
 * Copyright 2007 by Aleksander Adamowski
 * This software is licensed under GPL v.3.0.
 * See the included file "LICENSE" for details.
 * 
 * This script generates a photo gallery of people in given organizational unit
 * by performing an LDAP search and displaying all entries that match
 * (ou=search_string).
 * 
 * Accepts a single parameter: ou, based on which LDAP search is performed.
 */
Header("Content-type: text/html; charset=UTF-8"); 
require_once 'nocache.php';
require_once 'config.php';
if (isset($_GET['ou'])) {
  $ou = $_GET['ou'];
  // Defend against LDAP filter injection:
  $ou = preg_replace('/[^-_a-zA-Z0-9]/', '', $ou);
}
?>
<HTML>
<HEAD>
<TITLE> LDAP organizational units gallery <?php 	if (isset ($ou)) { echo "for $ou"; } ?> </TITLE>

<?php
require_once 'style.php';
?>
</HEAD>
<BODY>

<P>
Choose the organizational unit:
<form action="" method="GET">
<?php
$ds = ldap_connect($LDAP_SERVER);
$sr = ldap_search($ds, $LDAP_ORGANIZATIONAL_UNITS, "(objectclass=organizationalUnit)", array('ou', 'description'));
ldap_sort($ds, $sr, 'ou');
$entries = ldap_get_entries( $ds, $sr );
echo '<SELECT NAME="ou">';
foreach ($entries as $entry) {
	echo '<OPTION ';
	echo 'VALUE="'.htmlspecialchars($entry['ou'][0]).'" ';
	if (isset ($ou) && $ou == $entry['ou'][0]) { 
		echo 'SELECTED="true"';
	}
	echo '>';
	echo ( isset($entry['description']) ? htmlspecialchars($entry['ou'][0]).' ('.htmlspecialchars($entry['description'][0]).')' : htmlspecialchars($entry['ou'][0]));
	echo '</OPTION>';
}
echo '</SELECT>';
echo '<input  type="submit" value="Browse" />';
echo '</form>';

$ldapfilter = '';
if (isset($ou)) {
	$ldapfilter = "ou=$ou";
}

if (isset($ldapfilter) && ! empty($ldapfilter)) {
	$sr = ldap_search($ds, $LDAP_PEOPLE, "(&($ldapfilter)(accountActive=TRUE))", array('uid', 'cn', 'sn', 'accountActive'));
	ldap_sort($ds, $sr, 'sn');
	//ldap_sort($ds, $sr, 'accountActive');
	$entries_active = ldap_get_entries( $ds, $sr );

	if (isset($_GET['show_inactive'])) {
		$sr = ldap_search($ds, $LDAP_PEOPLE, "(&($ldapfilter)(!(accountActive=TRUE)))", array('uid', 'cn', 'sn', 'accountActive'));
		ldap_sort($ds, $sr, 'sn');
		$entries_inactive = ldap_get_entries( $ds, $sr );

		$entries = array_merge($entries_active, $entries_inactive);
	} else {
		$entries = $entries_active;
	}

	//array_reverse($entries);
	foreach ($entries as $entry) {
		if (! isset($entry['uid'])) {
			continue;
		}
		//echo $entry['cn'][0];
		echo "\n<HR>\n";
		$uid = $entry['uid'][0];
		$included_uid = $uid;
		include('ldap_entry.php');
		if ($_SERVER['PHP_AUTH_USER'] == $included_uid || (isset($LDAP_PHOTO_ADMINS[$_SERVER['PHP_AUTH_USER']]) && $LDAP_PHOTO_ADMINS[$_SERVER['PHP_AUTH_USER']] == 1)) {
			echo '<P><A HREF="ldap_entry.php?oper=change_photo&uid='.htmlspecialchars($included_uid).'"> Change data (photo, phones) for <B>'.htmlspecialchars($included_uid).'</B> </A></P>';
			
		}
	}
}
?>
</P>

</BODY>
</HTML>
